def validated(self, serialized_data, *args, **kwargs):
from rest_framework_jwt.settings import api_settings
from datetime import datetime
from .models import AuthTransaction
from drfaddons.add_ons import get_client_ip
from rest_framework.response import Response
user = serialized_data.object.get('user') or self.request.user
token = serialized_data.object.get('token')
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token, user, self.request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
user.last_login = datetime.now()
user.save()
AuthTransaction(user=user, ip_address=get_client_ip(self.request), token=token,
session=user.get_session_auth_hash()).save()
return response
def post(self, request, *args, **kwargs):
try:
check_recaptcha(data=self.request.data,
required_field='recaptcha_response')
except (RequiredFieldException, RecaptchaException) as e:
return JsonResponse(e.message, status=e.status_code)
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request)
response_data['name'] = user.first_name
# add the is_admin flag for the front end to make sure to only login admin users in dashboard
if user.is_staff:
response_data['is_admin'] = True
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True,
domain='analytics.searchsofts.com',
path='/')
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def validated(self, serialized_data, *args, **kwargs):
"""Validates the response"""
user = serialized_data.object.get("user") or self.request.user
token = serialized_data.object.get("token")
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, self.request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
user.last_login = datetime.now()
user.save()
AuthTransaction(
created_by=user,
token=token,
ip_address=get_client_ip(self.request),
session=user.get_session_auth_hash(),
).save()
return response
def login(request):
serializer = LoginSerializer(data=request.data)
if serializer.is_valid(raise_exception=False):
# get username
username_or_email = serializer.data['username_or_email']
if '@' in username_or_email:
try:
username = get_user_model().objects \
.get(email=username_or_email, social_auth__isnull=True) \
.username
except get_user_model().DoesNotExist:
username = username_or_email
else:
username = username_or_email
# try credentials
user = authenticate(username=username,
password=serializer.data['password'])
if user is not None:
# success
payload = api_settings.JWT_PAYLOAD_HANDLER(user)
token = api_settings.JWT_ENCODE_HANDLER(payload)
response_payload = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user)
return Response(status=status.HTTP_200_OK,
data={
'authInfo': response_payload,
'msg': _('You have been logged in.')
})
return Response(status=status.HTTP_403_FORBIDDEN,
data={'_error': _('Wrong username or password.')})
def generate_token(self, user):
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token, user)
def create(self, request):
"""
:param request: {'username': '******', 'password': '******'}
:return: {'token': 'abcdef123456'}
"""
account = authenticate(**request.data)
if not account:
raise serializers.ValidationError({'error': 'Incorrect Username or Password'})
pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account)
token = api_settings.JWT_ENCODE_HANDLER(pre_payload)
token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token)
return Response(token)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request)
return Response(data=response_data, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def create(self, validated_data):
"""
@brief account registration logic.
"""
if validated_data['password'] != validated_data['confirm_password']:
raise serializers.ValidationError({'error': 'Passwords must match'})
else:
del validated_data['confirm_password']
account = User.objects.create_user(**validated_data)
pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account)
token = api_settings.JWT_ENCODE_HANDLER(pre_payload)
account.token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token)
return account
def post(self, request, *args, **kwargs):
res = super(SocialView, self).post(request, *args, **kwargs)
if res.status_code != 200:
return res
token = res.data['token']
user = get_user_model().objects.get(pk=res.data['id'])
response_payload = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user)
return Response(status=status.HTTP_200_OK,
data={
'authInfo': response_payload,
'msg': _('You have been logged in.')
})
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request)
res = Response(response_data)
res.set_cookie(api_settings.JWT_AUTH_HEADER_PREFIX.upper(),
value=response_data['token'],
httponly=True,
expires=datetime.now() +
api_settings.JWT_EXPIRATION_DELTA)
return res
return Response({"error": serializer.errors})
def create(self, validated_data):
"""
@brief account registration logic.
"""
confirm_password = validated_data.get('confirm_password')
if confirm_password and validated_data['password'] == confirm_password:
del validated_data['confirm_password']
else:
raise serializers.ValidationError(
{'error': constants.ERROR_PASSWORD_CONFIRMATION}
)
account = User.objects.create_user(**validated_data)
pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account)
token = api_settings.JWT_ENCODE_HANDLER(pre_payload)
account.token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token)
return account
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
user.last_login = datetime.datetime.now()
user.save()
token = serializer.object.get('token')
response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request)
profile_serializer = common_serializers.ProfileDetailSerializer(
instance=user.profile)
response_data.update({
'expires_in': api_settings.JWT_EXPIRATION_DELTA,
'profile': profile_serializer.data
})
return Response(response_data)
return Response(serializer.errors, status=400)
def post(self, request, *args, **kwargs):
# print(request.user)
if request.user.is_authenticated():
return Response({'detail': 'You are already authenticated'}, status=400)
data = request.data
username = data.get('username') # username or email address
password = data.get('password')
qs = User.objects \
.filter(Q(username__iexact=username) | Q(email__iexact=username)) \
.distinct()
if qs.count() == 1:
user_obj = qs.first()
if user_obj.check_password(password):
user = user_obj
payload = api_settings.JWT_PAYLOAD_HANDLER(user)
token = api_settings.JWT_ENCODE_HANDLER(payload)
response = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request=request)
return Response(response)
return Response({"detail": "Invalid credentials"}, status=401)
def create(self, request, *args, **kwargs):
"""
:param request: {'username': '******',
'password': '******',
'token': 'xxxx'}
:return: {'token': 'abcdef123456'}
"""
token = request.data['token']
if not check_google_recaptcha(token, 'LOGIN'):
# TODO SAME ACTION CONDITIONAL
raise serializers.ValidationError({'error': constants.ERROR_CAPTCHA})
username = request.data['username']
password = request.data['password']
account = authenticate(username=username, password=password)
if not account:
raise serializers.ValidationError({'error': constants.ERROR_AUTH})
pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account)
token = api_settings.JWT_ENCODE_HANDLER(pre_payload)
token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token)
return Response(token)
def post(self, request, *args, **kwargs):
# print(request.user)
if request.user.is_authenticated:
return Response({'detail': 'Already authenticated!'}, status=400)
data = request.data
username = data.get('username')
password = data.get('password')
qs = User.objects \
.filter(Q(username__iexact=username) | Q(email__iexact=username)) \
.distinct()
if qs.count() == 1:
user_obj = qs.first()
if user_obj.check_password(password):
user = user_obj
# Custom function to generate the token payload
payload = api_settings.JWT_PAYLOAD_HANDLER(user)
token = api_settings.JWT_ENCODE_HANDLER(payload)
# Controlling the response data returned after login or refresh.
# Override to return a custom response - serialized representation of the User
response = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(
token, user, request=request)
return Response(response)
return Response({"detail": "Invalid credentials"}, status=401)
def jwt_create_response_payload(cls, *args, **kwargs):
return api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(*args, **kwargs)
